<?php
include_once "../application/dataAccess.php";
$da = new dataAccess();

function getDoupleQuoteText($text)
{
	return str_replace("'", "''", $text);
}
session_start();


$UserID = trim($_SESSION['user_id']);
if($UserID == "")
{
	$UserID = session_id();		
}

$tr = isset($_GET['tr']) ? intval($_GET['tr']) : 0;
if($tr != 0) {
	$sql = "SELECT * FROM tbl_references WHERE User='".$UserID."' AND ID='".$tr."'";
	$res = mysql_query($sql);
	$result = mysql_fetch_assoc($res);
	$title_reference_id = $result['ID'];
	$title_reference = $result['Title_Reference'];	
} else {
	$sql = "SELECT * FROM tbl_references WHERE User='".$UserID."' ORDER BY CreatedDate DESC LIMIT 1";
	$res = mysql_query($sql);
	$result = mysql_fetch_assoc($res);
	$num = mysql_num_rows($res);
	if($num == 1) {
		$title_reference_id = $result['ID'];
		$title_reference = $result['Title_Reference'];
	} else {
		$d = date("Y-m-d H:i:s");
		$sql2 = "INSERT INTO tbl_references SET Title_Reference='Untitled references', User='".$UserID."', CreatedDate='".$d."', UpdatedDate='".$d."'";
		$res2 = mysql_query($sql2);
		$title_reference = "Untitled References";	
		$title_reference_id = mysql_insert_id();
	}	
}

if(isset($_POST['SubmitBook']))
{
	$_SESSION['add'] = 1;
	$chkbox = $_POST['chk1'];
	$txtbox = $_POST['txt1'];
	$country = $_POST['country1'];
	$size = sizeof($_POST['country1']);
	$count="";
	$title_rf = $title_reference_id;
	
	for($i=0;$i<=$size;$i++){
	$comm = (($size-2)>=$i)? ", " : ".";
	if($_POST['txt1'][$i]!="")
	$auth .= $_POST['txt1'][$i]."`".$_POST['country1'][$i].$comm;
	}
	if(isset($_SESSION['ReferenceCode']))
	{
		$codes = $_SESSION['ReferenceCode'];
	}
	else
	{
		$_SESSION['ReferenceCode'] = date("Ymdhis");
		$codes = $_SESSION['ReferenceCode'];
	}
	$isbn = $_POST['isbn'];
	if(isset($_GET['_e']) && $_GET['_e'] != "")
	{
		$str  = "update composedocument set booktitle='". getDoupleQuoteText($_POST['title1']). "',publisher='". getDoupleQuoteText($_POST['pub1']) . "',";
		$str .= "pcity='". getDoupleQuoteText($_POST['pcity1']) . "',pyear='". getDoupleQuoteText($_POST['date1']) . "',edition='". getDoupleQuoteText($_POST['edition1']) . "',";
		$str .= "pagenumber='" . getDoupleQuoteText($_POST['pages1']) . "',firstname='". getDoupleQuoteText($_POST['firstname1']) ."',lastname='" . getDoupleQuoteText($_POST['lastname1'])."',";
		$str .= "author='". getDoupleQuoteText($auth) . "', isbn ='" . getDoupleQuoteText($isbn) . "' where id='". getDoupleQuoteText($_GET['_e'])."'";
	}
	else{
		if ($isbn != "")
		{
			//check exist
			$sql = "SELECT * FROM composedocument WHERE isbn ='" . getDoupleQuoteText($isbn) . "' AND username='" . getDoupleQuoteText($UserID) . "' AND types='book' AND title_reference='$title_rf'";
			$resultQuery = mysql_query($sql);		
			$countDB = mysql_num_rows($resultQuery);		
			if ($countDB == 0)
			{		
				$str  = "insert into composedocument set booktitle='". getDoupleQuoteText($_POST['title1']) . "',publisher='" . getDoupleQuoteText($_POST['pub1']) . "',";
				$str .= "pcity='" . getDoupleQuoteText($_POST['pcity1'])."',pyear='". getDoupleQuoteText($_POST['date1']) . "',edition='".getDoupleQuoteText($_POST['edition1']) . "',";
				$str .= "pagenumber='" . getDoupleQuoteText($_POST['pages1']) . "',firstname='" . getDoupleQuoteText($_POST['firstname1']) . "',lastname='" . getDoupleQuoteText($_POST['lastname1']) . "',";
				$str .= "author='". getDoupleQuoteText($auth) . "', isbn ='" . getDoupleQuoteText($isbn) . "',username='" . getDoupleQuoteText($UserID) . "',types='book',reference='$codes', title_reference='$title_rf'";
			}		
			else
			{
				echo "-1";
				return;
			}		
		}
		else
		{
			$str  = "insert into composedocument set booktitle='". getDoupleQuoteText($_POST['title1']) . "',publisher='" . getDoupleQuoteText($_POST['pub1']) . "',";
			$str .= "pcity='" . getDoupleQuoteText($_POST['pcity1'])."',pyear='". getDoupleQuoteText($_POST['date1']) . "',edition='".getDoupleQuoteText($_POST['edition1']) . "',";
			$str .= "pagenumber='" . getDoupleQuoteText($_POST['pages1']) . "',firstname='" . getDoupleQuoteText($_POST['firstname1']) . "',lastname='" . getDoupleQuoteText($_POST['lastname1']) . "',";
			$str .= "author='". getDoupleQuoteText($auth) . "', isbn ='" . getDoupleQuoteText($isbn) . "',username='" . getDoupleQuoteText($UserID) . "',types='book',reference='$codes', title_reference='$title_rf'";
		}
	}
	
	$exe = mysql_query($str);
	if($exe)
	{
		echo "true";		
	}
	else
	{
		echo "false";		
	}
	return;
}

if (isset($_POST['SaveMultiBooks']))
{
	$_SESSION['add'] = 1;
	$title_rf = $title_reference_id;
	
	$separated_item = "@#kk$%";
	$separated_items = "@#009900$%";
	$books = explode($separated_items, $_POST['dataMultiBook']);	
	foreach($books as $book)
	{
		if (trim($book) == "")
		{
			continue;
		}
		
		$items = explode($separated_item, $book);		
		$countItem = count($items);		
		if ($countItem == 6)
		{
			$title = $items[0];
			$publisher = $items[1];
			$pcity = $items[2];
			$pyear = $items[3];
			$edition = $items[4];
			$full_name = $items[5];
			$author = "";
			$first_name = "";
			$last_name = "";
			$names = split(" ", $full_name);
			$countName = count($names);
			
			if ($countName > 0)
			{
				$first_name = $names[0];
				if ($countName > 1)
				{
					$last_name = $names[$countName - 1];
				}
			}
			
			$str  = "insert into composedocument set booktitle='". getDoupleQuoteText($title) . "',publisher='" . getDoupleQuoteText($publisher) . "',";
			$str .= "pcity='" . getDoupleQuoteText($pcity)."',pyear='". getDoupleQuoteText($pyear) . "',edition='".getDoupleQuoteText($edition) . "',";
			$str .= "firstname='" . getDoupleQuoteText($first_name) . "',lastname='" . getDoupleQuoteText($last_name) . "',";
			$str .= "author='". getDoupleQuoteText($author) . "',username='" . getDoupleQuoteText($UserID) . "',types='book',reference='$codes', title_reference='$title_rf'";
			
			$exe = mysql_query($str);
			if($exe)
			{
				echo "true";		
			}
			else
			{
				echo "false";		
			}
			return;
		}
	}
}

if(isset($_POST['SubmitJournal']))
{
	$_SESSION['add'] = 1;
	$chkbox = $_POST['chk2'];
	$txtbox = $_POST['txt2'];
	$country = $_POST['country2'];
	$size = sizeof($_POST['country2']);
	$count="";
	$title_rf = $title_reference_id;
	
	for($i=0;$i<=$size;$i++){
	$comm = (($size-2)>=$i)? "," : "";
	if($_POST['txt2'][$i]!="")
	$auth .= $_POST['txt2'][$i]."`".$_POST['country2'][$i].$comm;
	}
	if(isset($_GET['_e']) && $_GET['_e'] != "")
	{
		$str  = "update composedocument set booktitle='". getDoupleQuoteText($_POST['title2'])."',publisher='" . getDoupleQuoteText($_POST['pub2']) . "',";
		$str .= "journaltitle='" . getDoupleQuoteText($_POST['journal2']) . "',issuenumber='" . getDoupleQuoteText($_POST['issue2']) . "',";
		$str .= "digitalobject='" . getDoupleQuoteText($_POST['digital2']) . "',";
		$str .= "pcity='" . getDoupleQuoteText($_POST['pcity2']) . "',pyear='" . getDoupleQuoteText($_POST['date2']) . "',edition='" . getDoupleQuoteText($_POST['edition2']) . "',";
		$str .= "pagenumber='" . getDoupleQuoteText($_POST['pages2']) . "',firstname='" . getDoupleQuoteText($_POST['firstname2']) . "',lastname='" . getDoupleQuoteText($_POST['lastname2']) ."',";
		$str .= "author='". getDoupleQuoteText($auth) . "' where id='". getDoupleQuoteText($_GET['_e']) . "'";
	}
	else
	{
		$str  = "insert into composedocument set booktitle='" . getDoupleQuoteText($_POST['title2']) . "',publisher='" . getDoupleQuoteText($_POST['pub2']) . "',";
		$str .= "journaltitle='" . getDoupleQuoteText($_POST['journal2']) . "',issuenumber='" . getDoupleQuoteText($_POST['issue2']) . "',";
		$str .= "digitalobject='" . getDoupleQuoteText($_POST['digital2']) ."',";
		$str .= "pcity='" . getDoupleQuoteText($_POST['pcity2'])."',pyear='" . getDoupleQuoteText($_POST['date2']) . "',edition='" . getDoupleQuoteText($_POST['edition2']) . "',";
		$str .= "pagenumber='" . getDoupleQuoteText($_POST['pages2'])."',firstname='" . getDoupleQuoteText($_POST['firstname2']) . "',lastname='".$_POST['lastname2']."',";
		$str .= "author='" . getDoupleQuoteText($auth) . "',username='" . getDoupleQuoteText($UserID) . "',types='journal', title_reference='$title_rf'";	
	}
	$exe = mysql_query($str);	
	if($exe)
	{
		echo "true";		
	}
	else
	{
		echo "false";		
	}
	return;
}

if(isset($_POST['Submitwebsite']))
{
	$_SESSION['add'] = 1;
	$chkbox = $_POST['chk3'];
	$txtbox = $_POST['txt3'];
	$country = $_POST['country3'];
	$size = sizeof($_POST['country3']);
	$count="";
	$title_rf = $title_reference_id;
	
	for($i=0;$i<=$size;$i++){
	$comm = (($size-2)>=$i)? ", " : ".";
	if($_POST['txt3'][$i]!="")
	$auth .= $_POST['txt3'][$i]."`".$_POST['country3'][$i].$comm;
	}
	if(isset($_GET['_e']) && $_GET['_e'] != "")
	{
		$str  = "update composedocument set name_of_webpage='". getDoupleQuoteText($_POST['name_of_webpage']) . "',name_of_website='" . getDoupleQuoteText($_POST['name_of_website']) . "',";
		$str .= "website_year='" . getDoupleQuoteText($_POST['website_year']) . "',website_month='" . getDoupleQuoteText($_POST['website_month']) . "',website_day='".$_POST['website_day']."',";
		$str .= "website_year_accessed='" . getDoupleQuoteText($_POST['website_year_accessed']) . "',";
		$str .= "website_month_accessed='" . getDoupleQuoteText($_POST['website_year_accessed']) . "',";
		$str .= "website_day_accessed='" . getDoupleQuoteText($_POST['website_day_accessed'])."',";
		$str .= "website_url='" . getDoupleQuoteText($_POST['website_url']) . "',";	
		$str .= "firstname='" . getDoupleQuoteText($_POST['firstname3']) . "',lastname='" . getDoupleQuoteText($_POST['lastname3']) . "',";
		$str .= "author='" . getDoupleQuoteText($auth) . "' where id='". getDoupleQuoteText($_GET['_e']) . "'";
	}
	else
	{
		$str  = "insert into composedocument set name_of_webpage='" . getDoupleQuoteText($_POST['name_of_webpage']) . "',name_of_website='" . getDoupleQuoteText($_POST['name_of_website']) . "',";
		$str .= "website_year='" . getDoupleQuoteText($_POST['website_year']) . "',website_month='" . getDoupleQuoteText($_POST['website_month']) . "',website_day='" . getDoupleQuoteText($_POST['website_day']) . "',";
		$str .= "website_year_accessed='" . getDoupleQuoteText($_POST['website_year_accessed']) . "',";
		$str .= "website_month_accessed='" . getDoupleQuoteText($_POST['website_month_accessed']) . "',";
		$str .= "website_day_accessed='" . getDoupleQuoteText($_POST['website_day_accessed']) . "',";
		$str .= "website_url='" . getDoupleQuoteText($_POST['website_url']) . "',";		
		$str .= "firstname='" . getDoupleQuoteText($_POST['firstname3']) . "',lastname='" . getDoupleQuoteText($_POST['lastname3']) . "',";
		$str .= "author='". getDoupleQuoteText($auth) . "',username='" . getDoupleQuoteText($UserID) . "',types='web', title_reference='$title_rf'";	
	}
	$exe = mysql_query($str);
	if($exe)
	{
		echo "true";		
	}
	else
	{
		echo "false";		
	}
	return;
}

echo "false";
?>